Home
Magazine
News
Latest News
Press Release Centre
News Archive
Companies
Jobs
Events
About us
Contact

Follow us:







Search Press
Looking for press releases of a particular company? Enter company name (or keyword) here.
   

PRQA Gears Towards “Securely Connecting the Embedded World”

Nuremberg, Germany, 14th March 2017 – PRQA, the leader in the provision of automated static analysis solutions for embedded application development, today announced updates to the QA·C and QA·C++ static analyzers to provide improved security testing for the C and C++ languages.

'The National Institute of Standards and Technology (NIST) estimates that as many as 64% of software vulnerabilities stem from programming errors and not a lack of security features,' said Richard Walker, Sales and Marketing Director, of PRQA. 'Our strength lies in addressing these errors. But these updates are just one part of our commitment to improved security. We are also active in working co-operatively to meet future demands.'

New CERT compliance and CWE compatibility modules

The QA·C and QA·C++ static analyzers are complementing MISRA compliance with CERT C, CERT C++ as well as compatibility for CWE (Common Weakness Enumeration) C and CWE C++. Compliance and compatibility enforcement can be applied to both new and legacy source code, increasing code reusability and decreasing time to market.

Robert Seacord, founder of the Secure Coding Institute, commented: “PRQA’s QA·C analyzer is effective at discovering violations of The CERT® C Coding Standard that were not discovered through 20 years of testing or by other static analysis tools”. And he continues, “Overall, the QA·C analyzer is an effective tool for eliminating secure coding flaws that can easily lead to software vulnerabilities.”

RePhrase Project - Developing new methodologies, techniques and tools for Multi-threading and Parallelism

PRQA is one of the members of the RePhrase (Refactoring Parallel Heterogeneous Resource-Aware Applications) project, an EU Horizon 2020 research project aiming to produce a complete flow of software engineering methodology, techniques and tools for developing data-intensive applications in C++, targeting heterogeneous multicore/manycore systems that combine CPUs and GPUs into a coherent parallel platform. One of the tasks is to create a safe and secure C++ subset of the C++ language based on best practice for multi-threading and parallelism.
This is now in draft and PRQA is seeking technical reviewers before it will be officially published in the summer 2017. Evgueni Kolossov, R&D Director at PRQA is leading the project and is available at the show to talk in more detail about the RePhrase project.

embedded world 2017

The embedded world 2017 Conference has the theme Securely Connecting the Embedded World. PRQA is echoing this theme, with an approach which advocates that if you wish to securely connect the embedded world, you will need to consider the following:
1. Quality isn’t equal to security, you cannot rely on high quality code alone, addressing software security requires a combination of people, process and technology
2. You need to detect and correct defects early in the development lifecycle stage to avoid expensive costs and delays
3. You need to ensure your source code is reliable, safe and secure


Publisher Contact Information:

PRQA
+44 (0) 1932 707309
fran_buchmann@programmingresearch.com

Company profile of PRQA
Past press releases of PRQA.



Copyright © 2004-2017
Professional Tester Inc.
All rights reserved.
Legal Information.